Snowflake Role-Based Access Control improved
Let us take a look at the RBAC considerations which are a
part of Snowflake's official documentation.
sysadmin job description |
To support the readers, I will utilize a few portions and
outlines from the official site to clarify the subtleties. There are 5 system-defined
jobs and Snowflake characterize what "role" every system role will
perform and it is prescribed that clients hold fast to this.
- ACCOUNT ADMIN: Account Administrator role which encapsulates the SYSADMIN and SECURITY ADMIN roles.
- SECURITY ADMIN: Role that can monitor, and manage users and roles.
- USER ADMIN: Role that creates roles and users.
- SYS ADMIN: Role that has privileges to create warehouses and databases (and other objects) in an account. All Custom roles are expected to roll up to SYSADMIN.
- PUBLIC: Role that is automatically granted to every user and every role in your account.
Aside from System roles, we can have Custom roles which can
be created by SECURITY ADMIN and to be moved up to SYS ADMIN as a manual
procedure.
From the Official
Documentation
As a component of the official legacy portrayal, you can see
that Snowflake allows every role to be allocated benefits directly and it can
also have benefited by inheritance. In view of this specific thought, the
hierarchical RBAC set up is extrapolated and is usually executed for a more
extensive organizational structure.
Know more: What is the sysadmin job description?
Comments
Post a Comment